Kube-Proxy configuration file ownership is not set to root:root

Best practices

Kube-Proxy configuration file ownership is not set to root:root

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

CCPA
CPRA
ISO/IEC 27001
K8s CIS
Mitre ATT&CK
NIST 800-171
NIST 800-190
NIST 800-53
PDPA
STIG K8s
UK Cyber Essentials

Description

It was found that the Kube-Proxy configuration file's owner is not set to root. Setting the file's owner to a low privileged user allows the modification of the file by this user and expose the configuration file to unwanted modification.

Recommended Mitigation

It is recommended to change the file's owner to 'root' to allow the file modification for privileged users only.

Kube-Proxy configuration file ownership is not set to root:root

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS